Push is on to strengthen CIOs’ authority

Feb. 7, 2013 - 11:38AM
|

When Terry Milholland came to the Internal Revenue Service five years ago, his ambitious plan to revamp the agency’s aging information technology infrastructure was met with skepticism, even resistance.

“When I came onboard, the resistance level [was], ‘Don’t worry about what he wants to do, he’ll be gone in a year,’ ” said Milholland, who serves as IRS’ chief information officer and technology officer. “A lot of federal agencies may have that problem of the churn at the top. When I stayed past [a] year people began to think, ‘Maybe he’s serious.’ ”

Gaining trust from his 7,000-person staff has been critical to improving IT management, implementing best practices for running data centers and developing software, and investing in new technology and training to provide a career path for employees. Several associate CIOs report to Milholland, but he controls the agency’s $2 billion IT budget and is ultimately accountable for the success or failure of IT programs.

“I think turning around federal IT starts with strong leadership,” said David Powner, with the Government Accountability Office. “Strong CIOs in departments and agencies makes a big difference.”

At the heart of draft legislation crafted by Rep. Darrell Issa, R-Calif., is a push to strengthen CIOs by allowing only one CIO per agency and then empowering those CIOs to decide how IT dollars are spent.

Experts say IT outcomes are affected by factors such as how long a CIO remains at his position, whom he reports to and how much of the budget he controls. CIOs and former agency IT executives in a 2011 GAO report said a CIO should stay in office for three to five years to be effective. But the median tenure of permanent CIOs is about two years.

“My goal was to be world-class. Over time, they knew I wasn’t going away,” said Milholland, who has agreed to stay on an additional four years.

Under the Clinger-Cohen Act, CIOs are supposed to:

 Monitor the performance of IT programs and advise the agency head whether to continue, modify or terminate programs.

 Assume responsibility and accountability for IT investments.

 Assess and manage the risks of IT acquisitions by integrating budget, financial and program management decisions.

Federal CIO Steven VanRoekel told lawmakers last month that existing laws provide agency CIOs with adequate authority to get their jobs done. But current and former CIOs have complained that their agencies’ structure and culture have constrained their ability to carry out these duties.

“The first step in addressing any problem is determining who is responsible and holding people accountable,” said Rep. John Mica, R-Fla., at a Jan. 22 hearing.

The General Services Administration and Interior Department are among agencies that have named a single department CIO and are consolidating functions and technology under the CIO’s purview to improve transparency and accountability.

“When I came onboard in 2010, the CIO was a traditional policy shop,” said Interior CIO Bernie Mazer. Mazer said he was fortunate to have senior leaders committed to improving how Interior delivered IT services.

Without the support of the secretary and other leaders, Mazer said it would have been a lot more challenging and taken longer to move the agency to one cloud email system.

Today, Mazer reviews all IT purchases of more than $2,500 and decides whether to approve them, delay purchases or buy using strategic sourcing.

GSA has a similar approval process for IT purchases, and acting Administrator Dan Tangherlini said in September that consolidating CIO functions under Casey Coleman will improve IT accountability and oversight.

Last year, the independent Defense Business Board, composed of private-sector executives, recommended that the Defense Department give more clout to CIO Teri Takai. When asked whether DoD had implemented those recommendations, the department said Takai maintains authority to develop strategy and policy, ensure compliance and advise the secretary on whether to continue, modify or terminate IT programs or projects across DoD.

To help ensure CIOs are held accountable for the management of IT projects, the administration launched a public website where CIOs are expected to rate the health of large projects.

But Powner expressed concern that the website — called the IT Dashboard — is plagued by incomplete and unreliable data. For example, the website said DoD had no troubled projects reported on the site last fall — the same time the Air Force canceled a $1 billion failed logistics system project, Powner said.

In response to such GAO criticisms, Takai is reassessing how the department rates dashboard investments.

Powner said that, despite the limited budget authority of many CIOs, some still succeed. He highlighted IRS’ Milholland and Department of Homeland Security CIO Richard Spires as examples.